Beruflich Dokumente
Kultur Dokumente
http://www.tavaana.org
h t t p : / / w w w. e c i v i c e d . o r g
E-Collaborative for Civic Education
:
E-Collaborative for Civic Education 2012
19
35
45
81
65
:
:
Smartphone
95
111
121
129
.
.
.
.
.
.
.
.
w w w. t a v a a n a . o r g
.
:
http://www.youtube.com/user/tavaana2010
. ( )1 1822
ARPA . 22:30 29 1969 L O
ARPANET - ( )UCLA
:
ARPANET
()2
10
w w w. t a v a a n a . o r g
.
:
2020
.
24
ABC NBC CBS .
50 5 13
38 .
210 80 . Spam.
Flickr .
:
.
50 . .
48 47 .
8 .
.
2006 .
95 .
( . )2012
18
2006 2011 .
23
.
.
.
w w w. t a v a a n a . o r g
11
12
w w w. t a v a a n a . o r g
.
Cap'n Crunch .
2600 AT&T )3(.
.
Kevin Mitnick
( ) :
.1 12
. :
...
.
.2 16
DEC
.
.3 Motorola NEC Nokia Sun Microsystems Fujitsu
()4
Siemens IBM .
Gary McKinnon
-
. 97
13 2001 2002
Solo .
() ( )
.
.
w w w. t a v a a n a . o r g
13
...
()5
( )
14
w w w. t a v a a n a . o r g
cyber bullying
1388
.
.
.
.
. .
.
IP
.
.
Kenzero .
.
1500 !
.
OSX.Trojan.iServices.B
. ()Port
.
.
.
99 .
Win 7 Anti-Spyware 2011 .
.
w w w. t a v a a n a . o r g
15
.
.doc .docx .
1390
. .
.doc
.
.
PayPal
.
.
.
. ( Phishing)
.
.
...
.
. :
.
.
.
Gh0st Rat .
.
16
w w w. t a v a a n a . o r g
:
.1
.
2009 AT&T
.
. AT&T
.
2011 75
.
.
25 2011
.
.
.
.2
.
.
A large scale denial of service attack
.
Comodo
Diginotar
.
.
.3 ()
.
w w w. t a v a a n a . o r g
17
. .
.
. .
.
.
.
. ( )Application
.
.
. .
.1
:
http://www.livinginternet.com/i/ii_rand.htm
.2 :1822
http://www.bitsavers.org/pdf/bbn/imp/BBN1822_Jan1976.pdf
.3 : Cap'n Crunch
.4 : Kevin Mitnick
http://www.webcrunchers.com/
http://news.cnet.com/8301-1009_3-9995253-83.html
.5 :
. :
http://foreignaffairs.house.gov/112/Fis041511.pdf
. :
http://graphics.thomsonreuters.com/11/04/CyberEspionage.pdf
. :
http://www.symantec.com/avcenter/reference/cyberterrorism.pdf
w w w. t a v a a n a . o r g
18
: .
http://www.mcafee.com/us/resources/reports/rp-good-decade-for-cybercrime.pdf
: .
http://www.cbsnews.com/htdocs/pdf/Cyberbullying_Pages_128_132.pdf
: .
http://www.mcafee.com/us/resources/white-papers/wp-cybercrime-hactivism.pdf
.
.
.
.
20
w w w. t a v a a n a . o r g
:
( )Social Engineering
(
) :iOS
1990 .
. 1990
packet spoofing 2000
( DDoS )Distributed Denial of Service
.
.
Packet spoofing
Hijacking sessions
Automated probes/scans
GUI intruder tools
Automated widespread attacks
Widespread denial of service attacks
executable code attacks - browsers
Techniques to analyze code for vulnerabilities without source code
Widespread attack on DNS infrastructure
Widespread attacks using NNTP to distribute attack
Stealth/advanced scanning techniques
E-mail propagation of malicious code
Increase wide-scale Trojan horse distribution
Distributed attack tools
DDoS attacks
Home users targeted
Anti forensic techniques
Increase in worms
Sophisticated command and control
Dummies .
1990
2012
Source: SE/CERT CC
w w w. t a v a a n a . o r g
21
:
.
. .
.
.
.
.
:
. .
.
.
.
.
Password
.
.
1. Social Engineering
22
w w w. t a v a a n a . o r g
.
.
:
.
.
.
.
.
Crack
.
.
w w w. t a v a a n a . o r g
23
.
.
. .
2004 .
.
.
.
.
.
.
. 2010
.
.
.
419 :
- -
.
50 .
w w w. t a v a a n a . o r g
24
:
:
----- Forwarded Message ----From: U.S. Department of State <dv@greencard-org.com>
To: XXX
Sent: Tuesday, September 6, 2011 3:04 PM
Subject: U.S. Department of State - United States Permanent Resident Card for XXX
Your registered name XXX is included to show this message originated from U.S. Department of State. U.S. Department of State notifies XXX of being selected as a winner of the Diversity Visa program.
Dear XXX, You are one of the 50,000 winners selected by the computer random draw from
the 12.1 million entries registered in the Diversity Immigrant Visa Program . The Diversity Immigrant Visa program is a United States congressionally-mandated lottery program for receiving
a United States Permanent Resident Card. It is also known as the Green Card Lottery.
Processing fees
Type of Residence Card Status Amount (per person) United States Permanent Resident Card
Granted! - Waiting for payment of processing fee $879 Processing fees Included Total $879
Although the Diversity Visa participation was free, the law and regulations require to every
diversity visa winner to pay a visa processing fee of $879. The Diversity Visa(Green Card) is
guaranteed upon receiving the payment.
The per person fee for each Diversity Visa is $879, payable in U.S. dollars or equivalent of
your local currency. This $879 fee is the only fee a winner needs to pay throughout the entire
relocation process.
Accompanying family members(wife/husband, fiancee, brothers, sisters, childrens, cousins)
may be included in the program and their visas will be provided at the same time with yours so
you can travel/move together in the same time. However the fees must be paid per person and
each member(e.g wife, brother, parents, childrens, cousin) must pay $879. There is no discount
for childrens.
Please note that you are allowed to take with you as many family members you want. However for each person you must pay an additional amount of U.S $879
For example if you decide to move in the United States with your wife and a kid the total fee
is US$879(your fee) + US$879(your wife) + US$879(your kid) = US$2637.
879
- .
. - ...
.
.
. .
w w w. t a v a a n a . o r g
25
.
.
.
.
.
: :
.
:
1380!
.
:
! .
.
:
:
.
8 ...
.
.
: .
... .
:
26
w w w. t a v a a n a . o r g
(
)
.
:
. .
.
.
:
.
.
. .
Gmail
.
Off the Record
.
.
.
.
w w w. t a v a a n a . o r g
27
.
-
.
.
.
.
.
.
.
.
.
( )Security Questions and Password hint
. .
.
Spoofing Sniffing
.
Sniffing
. Sniffing Sniffer
. Wireshark .
1. Packet spoofing
28
w w w. t a v a a n a . o r g
:Spoofing header
Spoofing
.
.
:
http://www.cis.syr.edu/~wedu/seed/Labs/Sniffing_Spoofing/Sniffing_Spoofing.pdf
.
1. Session Hijacking
w w w. t a v a a n a . o r g
29
:
.
.
.
.
. .
word attach
.
cookies .
.
.
.
: .
1. Denial of service attacks
30
w w w. t a v a a n a . o r g
.
5000 50
DDoS . Distributed denial-of-service attacks
.
:
1388
http://pagereboot.com/
Pagereboot .
request .
: request
.
2000 Mafiaboy
DDoS .
CNN Ebay Amazon Dell DDoS
. ( )Anonymous
.
w w w. t a v a a n a . o r g
31
DDoS
:
DDoS .
DDoS
.
DDoS
.
. Bot herder
Bot master
( )Zombie .
:
.
.
.
.
( )2007 ( )2008
DDoS
.
.
.
.
: :
1. Denial of service attacks using Botnets
32
w w w. t a v a a n a . o r g
.
!
.
.
:
.
Exploit pack
.
.
.
.
Exploit pack .
trendmicro
:
botnet 700 :
: botnet 2
( botnet)
400 :
10 : 1
292 :
116 :
130 :
500 :
1. Exploit packs
w w w. t a v a a n a . o r g
33
DDoS : 30 70 1200
150 :
Exploit pack
.
Exploit pack .
. Adobe Acrobat
.
Exploit pack KeyLogger
.
username password .
Exploit pack .
Exploit pack
Exploit .
Exploit pack
.
Exploit :
.
Exploit pack
Patch .
Secure DNS Comodo
Exploit
.
Aladel.net 56371 .
:
.
.
2010 .
1. Malwares
36
w w w. t a v a a n a . o r g
:
.
11/73 .
:
Virus :
.
...
Worm :
.
Trojan :
.
Rootkit :
.
Scare-ware :
.
Spyware :
.
.
Botnet
.
.
Spam :
.
w w w. t a v a a n a . o r g
37
:
()Trojan Horse
()Logic Bomb
()Back Door
()Virus
()Worm
()Rabbit
()Spyware
()Adware
()Hybrid, Dropper, Blended threat
()Zombie
()Trojan Horse
.
.
.
( )crack
.
.
.
( .EXE )
.
:
http://trojanwatch.org/wp-content/uploads/2011/11/trojans.png
()Logic Bomb
24 2010
.
38
w w w. t a v a a n a . o r g
()Back Door
.
:
.
()Virus
1980
.
:
.
.com .exe .bin
.
.
:
Sircam 2001, Nimda 2001, Magistr 2001, Melissa 1999, Mydoom 2004,
CIH Chernobyl 2001.
. ( )Update
.
.
. .
( )Load
.
. .
.
w w w. t a v a a n a . o r g
39
.
.
http://hackingtools.co.in/25-most-famous-computer-viruses-infographic/
10
:
http://www.popsci.com/scitech/gallery/2009-04/top-10-computer-viruses
()Worm
.
.
:
Anna Kournikova worm 2001, Klez worm 2001, Explorer worm 1999, Bad Benjamin
worm 2002, Loveletter worm 2000, Sasser worm 2004, Blaster worm 2003, Sobig worm
2003.
.
:
http://www.dw.de/dw/article/0,,15343414,00.html
http://youtu.be/scNkLWV7jSw
:
http://www.webopedia.com/DidYouKnow/Internet/2004/virus.asp
()Rabbit
.
.
. ..
.
.
40
w w w. t a v a a n a . o r g
.
()Spyware
.
.
.
Keylogger
.
.
.
.
:
http://www.infospyware.net/blog/where-does-your-malware-come-from/
()Adware
.
Spyware .
.
.
()Hybrid, Dropper, Blended threat
w w w. t a v a a n a . o r g
41
Dropper
.
Blanded Threat
.
()Zombie
. ( )Spam
( )distributed denial-of-service attack - DDoS attack.
. 2007
DDoS .
. :
http://www.axleration.com/inside-the-malware-business-infographic/
42
w w w. t a v a a n a . o r g
1986
Brain
1987
Stoned
1990
Form
1991
Michelangelo
1992
VCL
1994
Monkey
1995
Concept
1999
Happy99
1999
Melissa
2001
Code Red
attachment
2000
Love Letter
2003
Slammer
2003
Sobig
2003
Fizzer
2003
Cabir
2004
MyDoom
2004
Sasser
2004
SdBOT
2005
Haxdoor
SONY BMG
2006
Sony Rootkit
2007
Mebroot
p2p
Kazaa
w w w. t a v a a n a . o r g
43
2007
StormWorm
3D-Anti
Terrorist
2008
Conficker
2010
Stuxnet
1000
. :
http://www.symantec.com/content/en/us/enterprise/media/security_response/
whitepapers/w32_stuxnet_dossier.pdf
46
w w w. t a v a a n a . o r g
MyPassword Ty@N14_B Shiva1363 Tehran1234
.
. .
.
.
.
Log out
.
:
.
.
:
Amir_Tafreshi@gmail.com
Amir.Tafreshi@gmail.com
Amr_Trfs@gmail.com
Trash .
( )intimate
.
.
( )2 step verification .
.
:
http://googlepersianblog.blogspot.com/
_http://www.radiofarda.com/content/f7_commentary_over_making_gmail_more
secure/24324496.html
w w w. t a v a a n a . o r g
47
.1 attachment .
attachment
attachment .
.2
SSL :
( ):
http://www.dw.de/dw/article/0,,15359369,00.html
:
http://googlepersianblog.blogspot.com/2011/12/blog-post.html
http://www.youtube.com/embed/GtcVjOWHg9E?cc_load_policy=1&cc_lang_pref=fa
http://googlepersianblog.blogspot.com/2012/01/gmail.html
HTTPS .
.
.
:
48
w w w. t a v a a n a . o r g
:
http://lifehacker.com/5876541/use-this-infographic-to-pick-a-good-strong-password
:
https://www.azadcyber.info/articles/2429
:
http://protectme.webroot.com/wp-content/themes/webroot/images/passwordinfographic.png
Thunderbird
(
)...
Thunderbird .
PGP Thunderbird
.
. :
http://lifehacker.com/180878/how-to-encrypt-your-email
.
.
https://security.ngoinabox.org/en/thuderbird_encryption
.
( )
.
KeePass . :
http://keepass.info/
w w w. t a v a a n a . o r g
49
.
:
http://lifehacker.com/5042616/five-best-password-managers
: CCleaner
.
.
:
USB . mp3
. . Recuva
.
CCleaner
Trendmicro :
.
.
50
w w w. t a v a a n a . o r g
: Pidgin
.
.
SSL .
Pidgin OTR :
:
http://www.cypherpunks.ca/otr/
w w w. t a v a a n a . o r g
51
http://pidgin.im/download/
.
( )...
.
.
:
http://lifehacker.com/356291/ten-must+have-plug+ins-to-power-up-pidgin
()Browsers
( )malware.
.
:
.1
malware !Warning: Something's Not Right Here
phishing !Warning: Suspected phishing site
Sandboxing .2
XSS
Tab
Tab .
Sandboxing
.
52
w w w. t a v a a n a . o r g
Auto Update .3
.
.
()Anti Phishing
48 .
google safe browsing .
.
.
:
w w w. t a v a a n a . o r g
53
SmartScreen technology
9 Win. Vista Win. 7
. URL
click-jacking
( cross-site scripting
) .
.
54
w w w. t a v a a n a . o r g
9
.
cache .
. Gmail
.
:
Internet Explorer InPrivate
Mozilla Firefox Private Browsing
Google Chrome Incognito
Safari Private Browsing
Silverlight Flash
Adobe 10 Privacy mode
.
w w w. t a v a a n a . o r g
55
HTTPS Everywhere
HTTPS
. HTTPS
.
HTTPS .
HTTPS Everywhere
EFF HTTPS
.
( )
:
http://www.dw.de/dw/article/0,,15342696,00.html
56
w w w. t a v a a n a . o r g
Adobe
Adobe
Acrobat
.
Adobe
.
2 2008 28
2010 .
.
. Adobe
.
Flash Player
.
.
w w w. t a v a a n a . o r g
57
:
uninstall
.
.
no-script
incognito
Zozzle .
(Cross-site scripting (XSS
Cross-site scripting
.
Cross-site scripting :
.
58
w w w. t a v a a n a . o r g
.
.
Cross-site scripting . Cross-site scripting
.
.
XSS
.1 incognito private .
.2 Java NotScripts
.
.3 .
.4
https://www.google.com/ https://www.googles.com/
.
.5 .
. Cache .
.
Comodo Secure DNS
w w w. t a v a a n a . o r g
59
Comodo Secure DNS
.
ISP DNS
Large scale DNS Cache Poisoning . Comodo Secure DNS
.
Comodo Secure DNS DNS
:
Preferred DNS server address for Comodo Secure DNS is: 8.26.56.26
Alternate DNS server address for Comodo Secure DNS is: 8.20.247.20
TCP/IP
Router
Router .
DNS :
Windows Vista Instructions
Windows XP Instructions
Mac OS X Instructions
Router Instructions
patch
.
60
w w w. t a v a a n a . o r g
Secunia
.
Winzip Rar Real Player
.
.
( )Software ( )Firmware
. Windows Update
.
Secunia
http://secunia.com/vulnerability_scanning
.
:
Secunia OSI PSI
. ( )OSI
Secunia . ( )PSI
.
w w w. t a v a a n a . o r g
61
62
w w w. t a v a a n a . o r g
Cloud Computing
.
.
Outlook
. Google Docs
Microsoft Office
Office 365 .
Google Docs :
http://www.youtube.com/watch?v=qo-ZrbrAhDI
:
. .
.
.
.
Dropbox . Dropbox TrueCrypt
.
Backup
.
http://en.wikipedia.org/wiki/List_of_online_backup_services
w w w. t a v a a n a . o r g
63
USB Drive
.
BitLocker to Go .TrueCrypt
Ironkey
.
.
.
Autorun .
.
TrueCrypt
TrueCrypt
. TrueCrypt
.
w w w. t a v a a n a . o r g
64
TrueCrypt
: .
http://www.tafreevar.com/2603/truecrypt-safe-place-critical-information
.
SQL injection
Cross-Site Scripting (XSS)
HTTP Response Splitting
Open Redirect
Command Injection
Code Injection
Directory Traversal
XPATH Injection
LDAP injection
Forced Browsing
Blind SQL Injection
http://www.imperva.com/docs/HII_An_Anatomy_of_a_SQL_Injection_Attack_
SQLi.pdf
https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_
Sheet
http://vimeo.com/28268598
http://www.slideshare.net/eoftedal/avoiding-cross-site-scripting-not-as-easy-as-youmight-think
http://www.slideshare.net/fmavituna/how-to-detect-xss
http://resources.infosecinstitute.com/http-response-splitting-attack/
http://www.slideshare.net/innotech_conference/owasptop-10
http://www.acunetix.com/websitesecurity/cross-site-scripting.htm
http://www.cgisecurity.com/xss-faq.html
http://www.net-security.org/dl/articles/Javascript_malware.pdf
http://www.blackhat.com/presentations/bh-europe-08/Alonso-Parada/Whitepaper/
bh-eu-08-alonso-parada-WP.pdf
http://www.acunetix.com/websitesecurity/directory-traversal.htm
.
.
.
.
.
. :
.1 Panda Active Scan Panda Security
http://www.pandasecurity.com/homeusers/solutions/
activescan/
w w w. t a v a a n a . o r g
66
http://www.microsoft.com/security/scanner/en-us/default.aspx :
http://www.bitdefender.com/scanner/online/free.html :
67
w w w. t a v a a n a . o r g
Eset.com ESET .5
http://www.eset.com/us/online-scanner/ :
w w w. t a v a a n a . o r g
68
TrendMicro housecall .6
http://housecall.trendmicro.com/ :
w w w. t a v a a n a . o r g
69
99 .
.
Rogue security softwareRogue security software .
.
. :
http://en.wikipedia.org/wiki/Rogue_security_software
.
.
.1 comodo free internet security
.
:
http://www.comodo.com/home/internet-security/free-internet-security.php
70
w w w. t a v a a n a . o r g
.2 Malwarebytes
:
http://www.malwarebytes.org/
w w w. t a v a a n a . o r g
71
.5 AVG Free
.
:
http://free.avg.com
72
w w w. t a v a a n a . o r g
.6 Avira
:
http://www.avira.com/en/avira-free-antivirus
73
w w w. t a v a a n a . o r g
http://security.symantec.com/nbrt/npe.aspx?
74
w w w. t a v a a n a . o r g
:
aggressive
.
.
.
.
restart
.
.10
Spyware Doctor . :
http://www.pctools.com/forum/showthread.php?69406-2012-Release-PC-ToolsSpyware-Doctor-and-PC-Tools-Spyware-Doctor-with-AntiVirus-v9
w w w. t a v a a n a . o r g
75
.
.
.
Defense+
Comodo Internet Security
.
.
. Restart
.
.
.
.
.
.
.
write protect .
CD
rewrite .
install.
Spybot - Search & Destroy
76
w w w. t a v a a n a . o r g
http://download.cnet.com .
() .
:
w w w. t a v a a n a . o r g
77
.
Comodo Internet Security
Comodo Comodo
.
.
.
Firewall AntiVirus .Defence+
Defence+
( )Paranoid .
. Defence+
.
.
78
w w w. t a v a a n a . o r g
( )Open Source
.
Symantec McAfee Kaspersky
.
Cache
.
( )Rogue security software :
http://en.wikipedia.org/wiki/Rogue_security_software
:
.
P2P
Microsoft Security Essentials Trend Micro House Call
.
.
Comodo AVG Avira Trend Micro .
Spybot S&D .
.
15
.
w w w. t a v a a n a . o r g
79
Botnet
( )Botnet .
12 .
.
:
( )2006 ()2007
DDoS
:
http://www.geekosystem.com/botnet-infographic/
http://blog.trendmicro.com/big-botnet-busts/
:
http://www.thewindowsclub.com/infographic-botnets-demystyfied-and-explained
2009 Ghostnet .
1300 103
.
.
.
.
RUBotted
:
http://free.antivirus.com/rubotted
Cache .
80
w w w. t a v a a n a . o r g
25
.
.
2009
:
.1 :
.
Godaddy Wordpress.com.
.2 :
.
Deep Packet Inspection .
82
w w w. t a v a a n a . o r g
( )2009
6 .
(
).
.3 : Keyword
women woman girl Mousavi Moosavi
.
.4 :
80 TCP
HTTP .
FTP . VOIP Skype
.
HTTPS : .SSH
.5 ( :)Shallow Packet Inspection
( )DPI
. SPI
.
.
.6 ( :)Fingerprint Inspection
.
.
.
.7 Deep Packet Inspection
encrypted .
.
peer peer
w w w. t a v a a n a . o r g
83
Wordpress .Blogspot
.
.
RSS
..
. ..
.
( )Subscribe Google Reader
.
.
.. .
.. .
. :
http://www.google.com/reader
.
.
.
Reader Sharer :
https://chrome.google.com/webstore/detail/gmgmcmhmodidojodfoekpbjnejlhcbpb
http://userscripts.org/scripts/show/117034
Greasemonkey .
84
w w w. t a v a a n a . o r g
VPN
VPN
.
VPN L2tp PPTP
. IPsec
.PPTP-L2TP/IPSEC-SSTP-SSH-SSL-socks5 :
VPN
.
:
http://www.dw.de/dw/article/0,,15394437,00.html
Your-freedom
Your-freedom http://www.Your-freedom.net/
https:// .
Your-freedom Your-freedom .
Your-freedom Your-freedom
:
Your-freedom OpenVpn .
:
http://www.your-freedom.net/index.php?id=175
w w w. t a v a a n a . o r g
85
Your Freedom
:
https://www.azadcyber.info/articles/679
JonDo
https://www.azadcyber.info/articles/924
.
:
https://addons.mozilla.org/en-US/firefox/addon/access-freeneti/
86
w w w. t a v a a n a . o r g
()Psiphon
Psiphon3 VPN
Psiphon3.
Psiphon :
https://s3.amazonaws.com/f58p-mqce-k1yj/psiphon3.exe
Psiphone
.
Ultrareach
.
:
http://ultrasurf.us/
.
:
w w w. t a v a a n a . o r g
87
.
.
:
Exit .
()Freegate
.
Download.com Freegate
.
fg680f.exe
:
88
w w w. t a v a a n a . o r g
Status
.
( )127.0.0.1:8580 .
.
w w w. t a v a a n a . o r g
89
Tunnel . F3
SSL :
Setting .
.
.
90
w w w. t a v a a n a . o r g
Gpass
.
.
Socks Direct.
:
http://gpass1.com
http://gpass1.com/help-fa
.
Download.com .
.
:
w w w. t a v a a n a . o r g
91
Gtunnel
.
.
http://gardennetworks.org/download .
:
92
w w w. t a v a a n a . o r g
G .
.
()TOR
.
.
Tor Vidalia Torbutton Polipo .
:
http://www.torproject.org/docs/tor-doc-windows.html.en
:
.
.
Torbutton .
RealPlayer QuickTime .
. .
.
.
.
.
w w w. t a v a a n a . o r g
93
.
Torculler .
.
.
.
Paperbus
Paperbus
. Paperbus 7 :
http://www.paperb.us/#download
Paperbus
. Paperbus
.
94
w w w. t a v a a n a . o r g
ASProxy Wing
( ) .
:
https://www.azadcyber.info/articles/1131
()Hotspotshield
.
.
. :
http://hotspotshield.com
( )
:
https://www.azadcyber.info/articles/2340
.
20 .
600 .
1. Social networking
96
w w w. t a v a a n a . o r g
: :
Its finally holiday time again! I'm on my way to Palm Springs...
15
35 18 34 .
Google Street View .
.
.
.
https .
.
Log out.
Temporary file .
.
.
facebook.com/security :
: Login
. SSL .
( : ID verification )
.
: Social Authentication
.
: One Time Passwords
.
:
http://www.dw.de/dw/article/0,,6116519,00.html
( : Login Approvals
)
.
.
.
w w w. t a v a a n a . o r g
97
98
w w w. t a v a a n a . o r g
: Session Classifier
.
.
: Link Scanner
.
: Self XSS
.
: Application Classifier
.
: Suspected Hacking
.
w w w. t a v a a n a . o r g
99
100
w w w. t a v a a n a . o r g
: Remote Logout
LogOut .
.
: Guardian Angels
.
: Login Notifications
notifications .
: Roadblock
.
.
w w w. t a v a a n a . o r g
101
:
http://blog.commtouch.com/cafe/web-security/infographic-facebook-attacksin-2011/
. ( )2009 ( )2010 ( )2011
.
.
:
Impersonation
.
.
: 1390
.
.
.
provocateur
.
102
w w w. t a v a a n a . o r g
.
.
25
.
.
.
:
.1 https .
.2
SMS .
.3 .
w w w. t a v a a n a . o r g
103
.4 .
.
.
.
.5 .
.
.
.
.6 .
.
.
.7 .
.
.
.8 .
104
w w w. t a v a a n a . o r g
w w w. t a v a a n a . o r g
105
.10
. .
.11
.
.
.12 Ralationship status .
.13 .
106
w w w. t a v a a n a . o r g
.
.
:
http://blog.trendmicro.com/the-geography-of-social-media-threats
.
.
.
:
http://www.dw.de/dw/article/0,,6434375,00.html
.
.
:
http://www.dw.de/dw/article/0,,14988781,00.html
()Google+
:
https://plus.google.com/settings/privacy .
w w w. t a v a a n a . o r g
107
.
. :
https://plus.google.com/settings/exportdata
.
.
.
:
108
w w w. t a v a a n a . o r g
HTTPS
. :
HTTPS
.
. HTTPS
.
Tweetwipe
.
http://twitwipe.com/ :
( )HootSuite .
.
http://hootsuite.com
.
w w w. t a v a a n a . o r g
109
http://www.dw.de/dw/article/0,,6395966,00.html
.
.
.
.
.
Smartphone
.
.
.
.
.
112
w w w. t a v a a n a . o r g
.
.
.
.
.
.
review
.
.
.
JailBreak
.
Cydia
.
.
.
WiFi .
WiFi Adhoc
.
. :
http://www.dw.de/dw/article/0,,15394437,00.html
Smartphone
w w w. t a v a a n a . o r g
113
(
)
.
.
.
:
55
44
.
:
.
.
.
114
w w w. t a v a a n a . o r g
.
( )SMS ( )MMS
.
Skype
Facebook
.
IM+ Google Talk Facebook Skype Twitter
Jabber MSN Yahoo! ICQ AIM MySpace Iphone Android
Blackberry Windows mobile Symbian.
Fring IM+ Iphone
Ovi .
:
http://mashable.com/2011/08/12/mobile-malware/
Smartphone
w w w. t a v a a n a . o r g
115
.
.
.
.
.
:
http://www.theatlantic.com/technology/archive/2011/09/infographic-protectyourself-from-the-threat-of-mobile-malware/243998/
.
. .
.
.
.
.
.
wipe CCleaner . CCleaner
.
Message Box .
.
.
116
w w w. t a v a a n a . o r g
. N97
:
.
. IMEI #06#*
.
Theft Aware GadgetTrak Find my iPhone & iPad iOS .
.2 ( )Backup
wipe wipe .
. Zeros
Pseudorandom data US DoD 5220.22-M (E) US DoD 5220.22-M (ECE) Gutmann
Royal Canadian Mounted Police DSX
. Wipe Free Space
http://wipefreespace.sourceforge.net/ .
GSM .
. VOIP
GPRS
Smartphone
w w w. t a v a a n a . o r g
117
.
.
ENCRYPTED CELL PHONE .
.
.1
. .
.
.2 .
Accsess point DNS
.
.
.3 DECT
. .
.4
.
. .
Backup .
118
w w w. t a v a a n a . o r g
.
.
Fontal.a MMS MMS
. MMS
.
worm
worm, parasitic virus
worm
parasitic virus
parasitic virus
Trojan backdoor
Trojan
Trojan
Trojan + Worms
Trojan + Worms
Trojan
Trojan
Trojan
Trojan
Trojan
Trojan with worm
Trojan with other trojan
Trojan
Trojan
Trojan with worm
Trojan with worm
Trojan
Trojan
Worm
Trojan
Cabir.a
velasco
Commwarrior a,b,c
mabir.a
Duts.a
Brador.a
Mosquito.a
Skulls.a
CabirDropper.a
MGDropper.a
Dampig
Locknut.b
rever.a
Fontal.a
Hobbes.a
Nameoomboot.a
Onehop.a
Blankfont.a
Fontal.c
Nameoomboot.c
Nameoomboot.d
AppDisabler.a
Cardtrap.d
Caribe
Trojan_Mos
Smartphone
w w w. t a v a a n a . o r g
119
4 3 5
SSL MITM
.
.
Diginotar .
.
.
.
:
.1 .
.2 .
.3
.
.4 .
. .
.
.
.
122
w w w. t a v a a n a . o r g
.
.
:
.
.
.
.
.
.
:
CD DVD
SIM CARD MicroSD
.
Panda USB Vaccine
MicroSD
w w w. t a v a a n a . o r g
123
TrueCrypt
TrueCrypt
124
w w w. t a v a a n a . o r g
. TrueCrypt
.
TrueCrypt
.
Cloud Computing
.
Outlook
. Google Docs
Microsoft Office .
Office 365 .
Google Docs :
http://www.youtube.com/watch?v=qo-ZrbrAhDI
:
: .
:
.
.
w w w. t a v a a n a . o r g
125
Recuva1
recuva
.
... .
.
.
USB
.
.
1. www.piriform.com/recuva
126
w w w. t a v a a n a . o r g
CCleaner1
CCleaner
. wipe.
.
CCleaner.
.
.
CCleaner
.
1. www.piriform.com/ccleaner
w w w. t a v a a n a . o r g
127
Defrag
Smart Defrag1
. Defrag
system tools . Smart Defrag
.
.
restart .
1. www.iobit.com/iobitsmartdefrag.html
()Portable
.
.
...
.
.
:
.
.
130
w w w. t a v a a n a . o r g
.
: 2 4 .
: Panda USB Vaccine
.
:
:
Google Chrome1
-
.
Firefox2
1. http://download.cnet.com/Google-Chrome-Portable
2. http://portableapps.com/apps/internet/firefox_portable
w w w. t a v a a n a . o r g
131
Opera1
1. http://www.opera.com/
2. https://www.torproject.org/about/overview.html.en
132
w w w. t a v a a n a . o r g
CCleaner1
. .
Recuva2
. .
1. http://static.piriform.com/pf/download.png
2. http://www.piriform.com/recuva/download/portable
w w w. t a v a a n a . o r g
133
7Zip1
.
.
ClamWin2
.
http://portableapps.com .
1. http://www.7-zip.org/download.html
2. http://downloads.sourceforge.net/clamwin/clamwin-0.97.5-setup.exe
134
w w w. t a v a a n a . o r g
Audacity1
. ...
.
VLC Player2
.
.
.
1. http://audacity.sourceforge.net/download/windows
2. http://www.videolan.org/vlc/download-windows.html
w w w. t a v a a n a . o r g
135
GIMP1
.
.
Skype2
portableapps .
.
.
.
1. http://portableapps.com/apps/graphics_pictures/gimp_portable
2. http://portableapps.com/apps/internet/skype_portable
136
w w w. t a v a a n a . o r g
Pidgin1 OTR
portableapps
OTR
.
. OTR
.
1. http://portableapps.com/apps/internet/pidgin_portable
h t t p : / / w w w. t a v a a n a . o r g
h t t p : / / w w w. e c i v i c e d . o r g